I'm facing an issue with AWS Elastic Beanstalk(Php,Symfony) and gzip.
I'm trying to enable Gzip compression but it work only for .svg files with this configuration :
Folder hierarchy
nginx.config
server {
gzip on;
gzip_static on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
gzip_min_length 1400;
}
symfony.config
location / {
try_files $uri $uri/ /index.php?$query_string;
gzip on;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
gzip_min_length 1400;
if ($host !~* ^www\.) {
return 301 https://www.$host$request_uri;
}
if ($http_x_forwarded_proto != "https") {
return 301 https://$host$request_uri;
}
}
location ~* \.(?:ico|css|js|gif|jpe?g|png|svg)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
gzip_static on;
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
}
Is there any way to fix it ?
Thanks to Marcin and Julien B it work now.
I changed the nginx directory to .platform/nginx/nginx.conf and get a default nginx config from the beanstalk instance, and set myconfig on it.
nginx.conf
#Elastic Beanstalk Nginx Configuration File
user nginx;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65235;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include conf.d/*.conf;
map $http_upgrade $connection_upgrade {
default "upgrade";
}
server {
listen 80 default_server;
access_log /var/log/nginx/access.log main;
client_header_timeout 60;
client_body_timeout 60;
keepalive_timeout 60;
#gzip off;
#gzip_comp_level 4;
#gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_static on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml application/json font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/html text/javascript text/plain text/xml;
gzip_min_length 1400;
# Include the Elastic Beanstalk generated locations
include conf.d/elasticbeanstalk/*.conf;
}
}
Related
I'm trying to find a way to load an html that shows "Server Down" or something similar when I'm building my application.
Right now I every time I build my backend and frontend there are couple of seconds when I see the below template if I go to the site:
I will like to customize that page or show a different template saying : Server Down at the moment or Building
My nginx.conf is the following. Where should I put the location for a 403.html template to load ?: This needs to be outside of the build folder I think, since the 403 page appears while it's building.
server { # [ASK]: is this what's causing the problem ?
root /home/smiling/smiling-frontend/website/build; ## development build
index index.html;
server_name frontend.develop.smiling.be; ## development domain
charset utf-8;
gzip on;
gzip_vary on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss;
location / {
try_files $uri $uri/ /index.html;
}
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|svg|woff|woff2|ttf)\$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(?:css|js)\$ {
expires 7d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\.well-known {
allow all;
}
location ~ /\.ht {
deny all;
}
add_header Access-Control-Allow-Origin '*/';
add_header Access-Control-Allow-Headers 'origin, x-requested-with, content-type, accept, authorization';
add_header Access-Control-Allow-Methods 'GET, POST';
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/backend.develop.smiling.be/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/backend.develop.smiling.be/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Your last sentence is kind of inconsistent... You like not to do something, but want to do the same thing nevertheless.
You could define your own page or string to be served on errors:
error_page 403 /403.html;
location = /403.html {
internal;
return 403 "Server Down at the moment"; # <- this could also contain an HTML string if your nginx defaults to text/html as content type.
}
You could also put a 403.html file in your root folder and skip the location part in order to serve a full HTML file here.
I've tried various methods of implementing GZIP on my nginx server, running a python/flask script. I'm trying to compress and cache static content, but nothing has worked so far.
my /etc/nginx/nginx.conf file looks like this:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 4;
gzip_http_version 1.0;
gzip_min_length 1280;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon image/bmp;
gzip_vary on;
location ~* \.(svg|jpg|jpeg|png|ico|css|js)$ {
expires 365d;
}
}
}
What am I missing?
I'm working in a django application with a nginx proxy. In my app, I need to be able to change system date, but nginx always throws a 504 Gateway Time-out because it does not restart the init session time.
Anyone can say me how to disable nginx connection timeouts?
This is my nginx config file:
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
#Added by Denis
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 31536000;
fastcgi_send_timeout 31536000;
fastcgi_read_timeout 31536000;
max_execution_time 31536000;
proxy_connect_timeout 31536000;
proxy_send_timeout 31536000;
proxy_read_timeout 31536000;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 31536000;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/java$
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
I deploy my django with nginx and uwsgi
And I have a security issue The remote web server generates predictable session IDs.
Ports
tcp/80
Sending several requests gives us the following session IDs :
SERVERID=locationserverfarm1|Vv4q4|Vv4q4
SERVERID=locationserverfarm2|Vv4q4|Vv4q4
SERVERID=locationserverfarm3|Vv4q4|Vv4q4
SERVERID=locationserverfarm2|Vv4q4|Vv4q4
SERVERID=locationserverfarm1|Vv4q4|Vv4q4
How can I set to let it generate random session id ???
Please help me. Thank you.
This is my nginx setting :
nginx.conf
user www-data;
worker_processes 1;
pid /run/nginx.pid;
events {
worker_connections 3000;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
myweb.conf
upstream django {
server 127.0.0.1:8001;
}
server {
listen 80;
server_name 127.0.0.1;
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
#security
add_header X-Frame-Options "DENY";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
location /static {
alias /usr/share/nginx/ENV/mysite/mysite/staticfiles;
}
location / {
uwsgi_pass django;
include /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
}
}
Have a ec2 server that has different subdomains that i wish to point to different services, trying to use the server_name to catch each but not working, always defaults to first conf (admin). In the example below I want example.com to use default.conf and admin.example.com to use admin.conf.
#nginx.conf
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_comp_level 9;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript applicat$
gzip_min_length 1000;
gzip_disable "MSIE [1-6]\.";
underscores_in_headers on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
index index.html index.htm;
}
#/sites-enabled/default.conf
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
}
#/sites-enabled/admin.conf
server {
listen 80;
server_name ^(www\.)?admin(-dev|-sandbox|)$ *.example.com;
#server_name admin.example.com # This is still caught by all routes
access_log /var/log/nginx/admin.access.log;
location / {
root /usr/share/admin-frontend;
index index.html index.html;
}
}
And I have setup the hosts file
127.0.0.1 localhost
127.0.0.1 admin.localhost
127.0.0.1 admin-dev.localhost
127.0.0.1 admin-sandbox.localhost
Currently if i use the public dns for ec2 (http://ec2-XX-XX-XX-XX.compute-1.amazonaws.com/) the admin config is triggered even though the server doesn't match.
Try this regexp:
server_name ~^(www\.)?admin(-dev|-sandbox|)\.example\.com$;
And I cant find *.example.com domain in your hosts file, maybe you need add them also
127.0.0.1 example.com admin.example.com admin-dev.example.com
etc